Merge pull request #6 from BMSVieira/development
Development
BMSVieira authored Jun 20, 2022
2 parents 139b9e6 + af797a8 commit 9c9af25
Showing 10 changed files with 759 additions and 173 deletions.
456 changes: 312 additions & 144 deletions README.md

Large diffs are not rendered by default.

13 changes: 11 additions & 2 deletions ost_wbs/classes/class.department.php
Expand Up @@ -3,6 +3,10 @@ class Department
{
public function all($parameters)
{
// Check Request method
$validRequests = array("GET");
Helper::validRequest($validRequests);

// Connect Database
$Dbobj = new DBConnection();
$mysqli = $Dbobj->getDBConnect();
Expand All @@ -11,8 +15,9 @@ public function all($parameters)
// Sorte by Date
case "creationDate":

$startDate = Helper::getFormatedDate($parameters["parameters"][0], "start");
$endDate = Helper::getFormatedDate($parameters["parameters"][0], "end");
// Get Start&End Date
$startDate = $parameters['parameters']['start_date'];
$endDate = $parameters['parameters']['end_date'];

// Query
$getDepartment = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."department WHERE ".TABLE_PREFIX."department.created >= '$startDate' and ".TABLE_PREFIX."department.created <= '$endDate'");
Expand Down Expand Up @@ -57,6 +62,10 @@ public function all($parameters)
public function specific($parameters)
{

// Check Request method
$validRequests = array("GET");
Helper::validRequest($validRequests);

// Connect Database
$Dbobj = new DBConnection();
$mysqli = $Dbobj->getDBConnect();
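Review bot: In the `creationDate` branch of `Department::all()`, `start_date` and `end_date` are now copied straight from `$parameters['parameters']` into the quoted SQL string on the query line that follows, so whatever normalisation `Helper::getFormatedDate` applied is no longer in the path. If these parameters carry request input, as the API layout suggests, the statement is open to SQL injection. Assuming `getDBConnect()` returns a mysqli handle, bind the values instead: `$stmt = $mysqli->prepare("SELECT * FROM ".TABLE_PREFIX."department WHERE created >= ? AND created <= ?");` followed by `$stmt->bind_param("ss", $startDate, $endDate);`, and reject values that do not parse as dates before querying. The same string-built pattern appears in this commit in `Sla::all`, `Sla::specific`, `Faq::specific` (unquoted numeric context), the new `Sla::add`, `Sla::delete` and `Sla::checkExists`, and `Helper::get_last_id`. The body of `all()` continues outside the hunk.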
12 changes: 10 additions & 2 deletions ost_wbs/classes/class.faq.php
Expand Up @@ -5,6 +5,10 @@ class Faq

public function all($parameters)
{
// Check Request method
$validRequests = array("GET");
Helper::validRequest($validRequests);

// Connect Database
$Dbobj = new DBConnection();
$mysqli = $Dbobj->getDBConnect();
Expand Down Expand Up @@ -36,7 +40,7 @@ public function all($parameters)

foreach ($result as $key=>$category) {

if ($result[$key]['faqs'] = $this->specific(['parameters'=>[0=>$category['id']]],TRUE) )
if ($result[$key]['faqs'] = $this->specific(['parameters'=>["id"=>$category['id']]],TRUE) )
{

} else {
Expand Down Expand Up @@ -75,10 +79,14 @@ public function all($parameters)

public function specific($parameters,$exception = FALSE)
{
// Check Request method
$validRequests = array("GET");
Helper::validRequest($validRequests);

// Connect Database
$Dbobj = new DBConnection();
$mysqli = $Dbobj->getDBConnect();
$cID = $parameters["parameters"][0];
$cID = $parameters["parameters"]["id"];

// Query
$getFaq = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."faq WHERE category_id = " . $cID . " AND ispublished = 1");
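Review bot: `Faq::specific()` reads `$parameters["parameters"]["id"]` without checking that the key is present or that it holds an integer, and the renamed key makes this easier to hit because callers still passing the old positional form now supply nothing. A request without `id` yields a statement with an empty operand after `category_id =`, and how the resulting `false` from `query()` is handled lies outside the hunk. Validate before the query, for example `$cID = filter_var($parameters["parameters"]["id"] ?? null, FILTER_VALIDATE_INT);` followed by `if ($cID === false) { throw new Exception("Invalid id"); }`. Note also that `all()` calls `specific()` once per category, so the added `Helper::validRequest()` check is repeated on every loop iteration; a short comment saying that this is intentional, or moving the check to the public entry point only, would make the intent clear.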
27 changes: 26 additions & 1 deletion ost_wbs/classes/class.helper.php
Expand Up @@ -17,7 +17,7 @@ public function checkTicketStatus($ticketstatus)
return true;
}

// Get formated date from string
// Get formated date from string
public function getFormatedDate($fullstring, $condition)
{

Expand All @@ -35,6 +35,31 @@ public function getFormatedDate($fullstring, $condition)
}

return $result;
}

// Check if request method is valid
public function validRequest($method){
if(!in_array($_SERVER['REQUEST_METHOD'], $method)){
throw new Exception($_SERVER['REQUEST_METHOD']." is not a valid request method");
}
}

// Check permissions
public function checkPermission(){
if(CANCREATE == 0){ throw new Exception("Error! Your API Key is READ ONLY, it is no allowed to make any action.");}
}

// Get last ID
public function get_last_id($table, $field)
{
// Connect Database
$Dbobj = new DBConnection();
$mysqli = $Dbobj->getDBConnect();

// Get last inserted ID
$getLastId = $mysqli->query("SELECT ".$field." FROM ".TABLE_PREFIX."".$table." ORDER BY ".$field." DESC LIMIT 1");
$printLastId = $getLastId->fetch_object();

return $printLastId->$field;
}
}
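Review bot: `validRequest()` and `checkPermission()` are declared as instance methods, yet every caller added in this commit invokes them statically (`Helper::validRequest($validRequests)`, `Helper::checkPermission()`). On PHP 8 a static call to a non-static method raises an `Error`, and since `Error` is not an `Exception`, a `catch (Exception $e)` in the dispatcher (not visible here) would not convert it into the intended API error response. Declare them as `public static function validRequest($method)` and `public static function checkPermission()`. `checkPermission()` would also benefit from a docblock stating that it relies on the `CANCREATE` constant having been defined by `OAuth()` earlier in the request, because an undefined constant is likewise an `Error` on PHP 8.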
3 changes: 3 additions & 0 deletions ost_wbs/classes/class.key.php
Expand Up @@ -30,6 +30,9 @@ function OAuth($key)
if(!$this->farray["isactive"] || APIKEY_RESTRICT && $this->farray["ipaddr"] != $_SERVER['REMOTE_ADDR'])
throw new Exception("API key not found/active or source IP not authorized");

define('CANCREATE', $this->farray["can_create_tickets"]); // Can create
define('CANEXECUTE', $this->farray["can_exec_cron"]); // Can execute

}

function cancreate()
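Review bot: Publishing the key's permissions as the global constants `CANCREATE` and `CANEXECUTE` fixes them for the rest of the process, because `define()` on an already defined name only warns and keeps the first value, so a second `OAuth()` call in the same request could not change them. The values also keep whatever type the database row supplies, which leaves `Helper::checkPermission()` depending on loose comparison. The last context line of the hunk shows the class already has a `cancreate()` method, which presumably exposes the same flag, so the permission check could consult the key object instead of a constant. If the constants stay, cast them explicitly, `define('CANCREATE', (int) $this->farray["can_create_tickets"]);`, and add a comment that they are set once, after the key and source IP have been accepted. `OAuth()` begins above the hunk.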
167 changes: 164 additions & 3 deletions ost_wbs/classes/class.sla.php
Expand Up @@ -3,6 +3,10 @@ class Sla
{
public function all($parameters)
{
// Check Request method
$validRequests = array("GET");
Helper::validRequest($validRequests);

// Connect Database
$Dbobj = new DBConnection();
$mysqli = $Dbobj->getDBConnect();
Expand All @@ -11,8 +15,9 @@ public function all($parameters)
// Sorte by Date
case "creationDate":

$startDate = Helper::getFormatedDate($parameters["parameters"][0], "start");
$endDate = Helper::getFormatedDate($parameters["parameters"][0], "end");
// Get Start&End Date
$startDate = $parameters['parameters']['start_date'];
$endDate = $parameters['parameters']['end_date'];

// Query
$getSla = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."sla WHERE ".TABLE_PREFIX."sla.created >= '$startDate' and ".TABLE_PREFIX."sla.created <= '$endDate'");
Expand Down Expand Up @@ -59,7 +64,7 @@ public function specific($parameters)
// Connect Database
$Dbobj = new DBConnection();
$mysqli = $Dbobj->getDBConnect();
$uID = $parameters["parameters"][0];
$uID = $parameters["parameters"]["id"];

// set query
$getSla = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."sla WHERE ".TABLE_PREFIX."sla.id = '$uID'");
Expand Down Expand Up @@ -93,5 +98,161 @@ public function specific($parameters)
// Return values
return $returnArray;
}


public function add($parameters)
{

// Check Permission
Helper::checkPermission();

// Check Request method
$validRequests = array("POST", "PUT");
Helper::validRequest($validRequests);

// Expected parameters
$expectedParameters = array("name", "flags", "grace_period", "schedule_id", "notes");

// Check if all paremeters are correct
self::checkRequest($parameters, $expectedParameters);

// Check if row already exists
if($this->checkExists('name', $parameters["parameters"]['name'])) { throw new Exception("Item Already exists"); }

// Prepare query
$paramOrder = "";
$valuesOrder = "";

foreach ($parameters["parameters"] as $key => $value) {

// Parameters order
$paramOrder = $paramOrder.",".$key;
// Values order
if(is_numeric($value)) { $valuesOrder = $valuesOrder.",".$value.""; } else { $valuesOrder = $valuesOrder.",'".$value."'";}
}

// Remove first comma
$paramOrder = substr($paramOrder, 1);
$valuesOrder = substr($valuesOrder, 1);

// final Query
$addQuery = "INSERT INTO ".TABLE_PREFIX."sla ";
$addQuery .= "(".$paramOrder.", created, updated)";
$addQuery .= "VALUES(".$valuesOrder.", now(), now())";

// Send query to be executed
return $this->execQuery($addQuery);

}

public function delete($parameters)
{

// Check Permission
Helper::checkPermission();

// Check Request method
$validRequests = array("DELETE");
Helper::validRequest($validRequests);

// Expected parameters
$expectedParameters = array("id");

// Check if all paremeters are correct
self::checkRequest($parameters, $expectedParameters);

// Prepare query
$paramOrder = "";
$valuesOrder = "";

if($this->checkExists('id', $parameters["parameters"]['id']) == 0) { throw new Exception("Item does not exist."); }

foreach ($parameters["parameters"] as $key => $value) {

// Parameters order
$paramOrder = $paramOrder.",".$key;
// Values order
if(is_numeric($value)) { $valuesOrder = $valuesOrder.",".$value.""; } else { $valuesOrder = $valuesOrder.",'".$value."'";}
}

// Remove first comma
$paramOrder = substr($paramOrder, 1);
$valuesOrder = substr($valuesOrder, 1);

// final Query
$addQuery = "DELETE FROM ".TABLE_PREFIX."sla ";
$addQuery .= "WHERE id= ".$valuesOrder;

// Send query to be executed
return $this->execQuery($addQuery);

}

public function checkRequest($parameters, $expectedParameters)
{

// Error array
$errors = array();

// Check if parameters is an array
if(gettype($parameters["parameters"]) == 'array'){

// Check for empty fields
foreach ($expectedParameters as $key => $value) {
if(empty($parameters["parameters"][$value])) {
array_push($errors,"Empty or Incorrect fields were given.");
}
}

// Check for unkown or unexpected fields
foreach ($parameters["parameters"] as $key => $value) {
if (!in_array($key, $expectedParameters)) {
array_push($errors,"Unexpectec fields given.");
}
}

// If no errors, continue
if(count($errors) > 0){
throw new Exception("Empty or Incorrect fields were given, read documentation for more info.");
}

} else {
throw new Exception("Parameters must be an array.");
}

}

private function checkExists($field, $value)
{

// Connect Database
$Dbobj = new DBConnection();
$mysqli = $Dbobj->getDBConnect();

// Check if already exists
$checkExists = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."sla WHERE ".TABLE_PREFIX."sla.".$field." = '".$value."'");
$numRows = $checkExists->num_rows;

return $numRows;

}

private function execQuery($string)
{
// Connect Database
$Dbobj = new DBConnection();
$mysqli = $Dbobj->getDBConnect();

// Check if already exists
$insertRecord = $mysqli->query($string);

if($insertRecord)
{
return "Success! Row 1 affected.";
} else {
throw new Exception("Something went wrong.");
}
}

}
?>
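Review bot: `checkRequest()` detects missing fields with `empty()`, which also rejects `0` and `"0"`, so if zero is a legitimate value for `flags`, `grace_period` or `schedule_id`, a valid `add` request fails with the "Empty or Incorrect fields" error. Test for presence instead: `if (!isset($parameters["parameters"][$value]) || $parameters["parameters"][$value] === '') {`. `checkRequest()` is also declared `public` while `checkExists()` and `execQuery()` are `private`; if the router dispatches on public method names (not visible here), it should be `private` as well. `Sla::specific()` did not receive the `Helper::validRequest()` call that the other read methods got in this commit. Finally, `add()` and `delete()` are gated only by `Helper::checkPermission()`, which tests the ticket-creation flag, so a docblock on each stating that this flag also authorises SLA writes and deletions would make the access model explicit.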